nTimetools
nTimetools is a suite of console tools developed to work with timestamps in Windows. nTimetools comprises 2 tools that allow both forensic analysts as well as red teamers to modify and verify file timestamps up to 100-nanosecond precision. nTimeview allows forensic analysts to view the MACB timestamps of files on a live system. It uses the undocumented NtQueryInformationFile API. As such, it works on NTFS/FAT and even mapped drives. It does not require privileged access. nTimestomp allows red teamers to timestomp MACB timestamps of files with 100-nanosecond level precision. Forensic analysts are usually taught to spot 0s in the millisecond position as evidence that timestomping has occurred.
FEATURES
ALTERNATIVES
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.
Tool for parsing Android logs events and protobuf data
Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.
Analyzing WiFiConfigStore.xml file for digital forensics on Android devices.
Automated collection tool for incident response triage in Windows systems.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.